Configuring Advanced Traveler 8.5.1 Settings on the iPhone Part 2

In part one I showed
you how to use the iPhone Configuration Utility to duplicate the settings
that IBM are using for IBM Lotus Notes Traveler’s default configuration
but the iPhone Configuration Utility has a LOT more to it and when you
add these other settings to the XML file that Traveler uses you can provide
your users with a fuller enterprise experience on their iPhones.

Lets start with the ‘Passcode’ section.
This section is probably the most important for companies that have strict
security policies. In this section you can force your iPhones users to
require a passcode on their device. Most of the settings here are similar
to the settings that you will find on any password configuration utility
so you should be able to match them up fairly well to conform to your company
standards. One setting to watch out for is the ‘failed attempts’ setting.
Setting this too low may get you on the bad side of the fat fingered CEO
who can never remember that password.

In the ‘Restrictions’ section you can
turn off parts of the iPhone. Some companies have very strict policies
over the use of cameras inside their premises so you can disable the camera
in this section. You can also disable the use of the AppStore, MusicStore,
YouTube and even Safari from this section but disabling these would seriously
defeat the reasons that your staff bought iPhones.

The WiFi section will allow you to pre
configure a set of WiFi networks on the iPhone. This is useful for companies
that have company wide wifi access points, By listing all your wifi access
points in the configuration profile you can save your users lots of time
in having to remember the access point names and passwords. The Wifi section
has full support for all of the popular wifi security methods.

The next section you can configure is
the VPN section. If your company security gurus insist that you use a VPN
when talking to the IBM Lotus Notes Traveler server then this is where
you can set it up. The VPN section supports L2TP, PPTP and IPSec type connections.
Here’s a handy hint. If the user name for the VPN matches the users full
name or email address you can use the ILNT_User or ILNT_Address keywords
in this section and the Traveler provisioning process will replace them
with real values as needed.

Once you have setup all your other policies
using the iPhone Configuration Utility you just need to export the file
again, rename it to apple.xml and fixup the SSL section as detailed inpart one of this blog, then just place
the file in the correct directory on your IBM Lotus Notes Traveler server
and start provisioning users.

IBM Lotus Notes/Domino and Lotus
Notes Traveler 8.5.1 is prerelease software and there are no guarantees
from IBM that the functionality presented will be in the final shipping
product.

If company policy requires a vpn, is there any benefit of using Lotus Mobile Connect versus another VPN technology? I thought I had read somewhere that Traveler supports LMC seamlessly and perhaps “invisibly”. I hate the idea that the CEO would have to make sure he is on the company VPN before his email will sync…

@3, Yes you can do it via Traveler, contacts has your local Contacts (names.nsf) replicated down to the iPod or iPhone. There is also an additional spot where you can search the corporate directories. It worked on both.

In addition, the 3.12 software has a separate LDAP directory setup now so you can hit your corporate directory event w/o Traveler. Very nice if not very late from Apple – this should have been in the Apple iPhone OS since 1.0.

I know that server addressbook look up with traveler 8.5.1 works only on the iPhone. still, can we hope that some time later this can be applied to other models, at least the newest ones? concerning the tendency to combine everything, I believe it’s possible.

do you know why is it that after setting device security e.g. password required in lotustraveler.nsf the iphone does not report back the device setting?e.g. in lotustraveler.nsf both smybian and windows report back whether the device is in compliance but i get nothingback from iphones.. :(How do I know if they are in compliance?regards